INERTIA ETHICS MANUAL

Size: px
Start display at page:

Download "INERTIA ETHICS MANUAL"

Transcription

1 SEVENTH FRAMEWORK PROGRAMME Smart Energy Grids Project Title: Integrating Active, Flexible and Responsive Tertiary INERTIA Grant Agreement No: Collaborative Project INERTIA ETHICS MANUAL Responsible Partner Authors CERTH Thanasis Tryferidis (CERTH) Date September 2013

2 Contents INTRODUCTION... 3 SCOPE OF THE ETHICS MANUAL... 3 PILOT EVALUATION AT CERTH PREMISES... 4 MONITORING AND CONTROL INFRASTRUCTURES... 4 LEGISLATION... 6 GUIDELINES... 6 I. Personal Data... 6 II. Acquisition and storage of human related information... 7 III. Collection of data from participants... 8 IV. Rights of Participants... 9 V. Data Confidentiality and Security VI. Installation of sensors - Notification VII. Group-based scenarios VIII. Individual scenarios I N E R T I A E T H I C S M A N U A L P a g e 2

3 INTRODUCTION INERTIA project addresses the structural inertia of existing Distribution Grids by introducing more active elements combined with the necessary control and distributed coordination mechanisms. The INERTIA framework, will achieve the efficient integration of Distributed Energy resources (DER) within innovative Demand Side Management (DSM). Energy demand management, also known as demand side management (DSM), is the modification of consumer demand for energy through various methods such as financial incentives and education. Usually, the goal of demand side management is to encourage the consumer to use less energy during peak hours, or to move the time of energy use to off-peak times such as night time and weekends. One of the main goals of INERTIA Building Hub is to minimize or eventually eliminate required Occupant Interaction and thus overall Occupant Disturbance during building operations under normal everyday conditions or Demand Response events. The occupant will not have to explicitly define specific operational profiles; instead these will be defined by continuously monitoring user control actions and also reactions (corrective control actions) to specific automated control operations. SCOPE OF THE ETHICS MANUAL The current Ethics Manual has been produced by the INERTIA Ethical HelpDesk towards the diffusion and establishment of all the ethical guidelines that should be taken into consideration during the Greek pilots, where final occupants will be involved and data collection is going to take place. The manual will be constantly updated throughout the whole duration of the project based on new ethical issues or problems that may arise. The final version of the Ethics Manual will provide all the needed information and guidelines for the topics addressed by the INERTIA framework. This document is intended, first of all, for all the project staff that will participate in the pilot preparation and realization. Software developers, managerial and technical I N E R T I A E T H I C S M A N U A L P a g e 3

4 staff memebers of the pilot partner should carry all their activities in accordance with the guidelines outlined here. Secondarily, the manual is directed to all the people involved in the project and especially to final occupants, who are the ones actually participating in the pilots and may want to be further informed about the guidelines adopted by the project. PILOT EVALUATION AT CERTH PREMISES In order to calibrate, test and assess the overall INERTIA project s infrastructures, a Pilot Evaluation Framework will be set up. Within this evaluation framework, a Real End-Prosumer Pilot has been planned to be held at CERTH premises. The CERTH Pilot will comprise of multifaceted workplaces, incorporating specific variations of occupancy and building usage patterns, different occupancy profiles, various types of demand loads (e.g. office receptacle loads office equipment, other types of central building loads like lighting and HVAC, commercial equipment for public area infrastructures like freezers, dish-washers etc.) as well as local generation loads (Renewable Energy Sources (RES) Photovoltaic Installation and Electric Vehicles (EVs)). The final selection of 3 different sub-areas was concluded after a thorough survey of the CERTH premises by corresponding consortium partners and under the supervision of the Project Coordinator, ensuring the fact that these areas constitute complete and representative consumer clusters covering all Demand Response aspects treated within INERTIA framework. Furthermore, the selection was based on a set of ethical and privacy principles, in conformance with respective laws and ethics deontology. MONITORING AND CONTROL INFRASTRUCTURES For the need of the pilot realization and assessment, a set of different sensors will need to be installed at various places, to allow both monitoring and control. More specifically, different types of sensors will be installed in terms of: consumption measurements, occupancy monitoring, user preferences monitoring, automatic control of devices. Two different user scenarios will be evaluated during the pilot tests: group-based and individual. In the group-based scenarios only aggregated I N E R T I A E T H I C S M A N U A L P a g e 4

5 data will be collected, while in the individual scenarios data will be related with specific occupants using RFID equipment. The local ethical committee of the pilot partner (CERTH) has been informed for the data collection as part of the study and an ethical approval form has already been signed providing formal permission to the whole procedure. Given this monitoring, it is essential to protect the rights and the privacy of all the participants. To that end, this Ethics Manual has been composed by the INERTIA Ethical HelpDesk including all the necessary ethical and privacy guidelines in order to inform all involved parties towards preserving the privacy of the user, protecting his/her private data and limiting the risk of interception to the minimum. This document will be constantly updated throughout the whole duration of the project. I N E R T I A E T H I C S M A N U A L P a g e 5

6 LEGISLATION The INERTIA project must abide by the ethical rules of the EU and due to the fact that the main pilots is going to take place in Greece, by the respective legislation of the country. More specifically, the legislation that the INERTIA framework has to conform with is: European Union Directives 95/46/EC & 2002/58/EC Greece Law 2472/97 (amendments: 3471/06 & 3917/11) GUIDELINES I. Personal Data Personal Data must be: processed fairly and lawfully; collected for specified, explicit and legitimate purposes and not further processed in a way incompatible with those purposes. Further processing of data for historical, statistical or scientific purposes shall not be considered as incompatible provided that Government provides appropriate safeguards; adequate, relevant and not excessive in relation to the purposes for which they are collected and/or further processed; accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that data which are inaccurate or incomplete, having regard to the purposes for which they were collected or for which they are further processed, are erased or rectified; kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the data were collected or for which they are further processed. I N E R T I A E T H I C S M A N U A L P a g e 6

7 II. Acquisition and storage of human related information The pilot tests supervisor should inform the participants with clarity about the procedure of the pilot tests, the system operation and the objectives, the data retrieval and storage and the exact dates the tests will be running. No sensitive personal data should be collected. In no case more personal data should be collected than the necessary ones, according to the requirements of article 4 Law 2472/1997 and its amendment by Law 3471/2006 (Greece). No personal data should be centrally stored, but they should be scrambled where possible and abstracted in a way that will not affect the final project outcome. No data should be collected without the explicit written consent of the occupants under observation (group-based and individual scenarios). No data collected should be sold or used for any purposes other than the current project. A data minimization policy should be adopted at all levels of the project and should be supervised by the respective ethical/privacy component. This will ensure that no data which is not strictly necessary to the completion of the current study will be collected. Any shadow (ancillary) personal data obtained during the course of the research should be immediately cancelled. However, this kind of ancillary data should be minimized as much as possible. Special attention should also be paid to complying with the Council of Europe s Recommendation R(87)15 on the processing of personal data for police purposes, Art.2 : The collection of data on individuals solely on the basis that they have a particular racial origin, particular religious convictions, sexual behaviour or political opinions or belong to particular movements or organizations which are not proscribed by law should be prohibited. The collection of data I N E R T I A E T H I C S M A N U A L P a g e 7

8 concerning these factors may only be carried out if absolutely necessary for the purposes of a particular inquiry. The burden for enrolled subjects should not be superior to that imposed by participation in standard market research. If employees of partner organizations, or university students serving in any partner university, are to be recruited, specific measures should be in place in order to protect them from a breach of privacy/confidentiality and any potential discrimination; In particular their names should not be made public and their participation should not be communicated to their managers. Any incidental findings should be kept strictly confidential and erased from files under request from the enrolled subject. Additionally, in the case of enrolment of employees of any partner organization, the recruitment method and informed consent procedures should be particularly stringent to ensure no coercion (not even soft or indirect) is exerted. The research to be conducted should be in full compliance with the principles and guidelines of Ethics for Researchers to Facilitate Research Excellence in FP7, prepared by the EC Governance and Ethics Unit in III. Collection of data from participants The pilot controller or his representative must provide participants from whom data related to themselves are collected with at least the following information, except where he already has it: the identity of the controller and of his representative, if any; the purposes of the processing for which the data are intended; any further information such as - the recipients or categories of recipients of the data, - whether replies to the questions are obligatory or voluntary, as well as the possible consequences of failure to reply, I N E R T I A E T H I C S M A N U A L P a g e 8

9 - the existence of the right of access to and the right to rectify the data concerning them in so far as such further information is necessary, having regard to the specific circumstances in which the data are collected, to guarantee fair processing. These guidelines shall not apply where, in particular for processing for statistical purposes or for the purposes of historical or scientific research, the provision of such information proves impossible or would involve a disproportionate effort or if recording or disclosure is expressly laid down by law. In these cases the Government shall provide appropriate safeguards. IV. Rights of Participants Participants will have the right to access their personal data as well as their extracted profiling parameters. Participants will be able to quit the experiment at any point, if they wish, without any consequences. He/she can exercise his/her right to access, correct and delete his/her data at any moment. Moreover, every participant has the Right to obtain from the pilot controller: without constraint at reasonable intervals and without excessive delay or expense: - confirmation as to whether or not data relating to him are being processed and information at least as to the purposes of the processing, the categories of data concerned, and the recipients or categories of recipients to whom the data are disclosed, - communication to him in an intelligible form of the data undergoing processing and of any available information as to their source, - knowledge of the logic involved in any automatic processing of data concerning him; I N E R T I A E T H I C S M A N U A L P a g e 9

10 as appropriate the rectification, erasure or blocking of data the processing of which does not comply with the provisions of this Manual, in particular because of the incomplete or inaccurate nature of the data; notification to third parties to whom the data have been disclosed of any rectification, erasure or blocking, unless this proves impossible or involves a disproportionate effort. The participant has the Right to Object: at any time on compelling legitimate grounds relating to his particular situation to the processing of data relating to him, save where otherwise provided by national legislation. Where there is a justified objection, the processing instigated by the pilot controller may no longer involve those data; to object, on request and free of charge, to the processing of personal data relating to him which the pilot controller anticipates being processed for the purposes of direct marketing, or to be informed before personal data are disclosed for the first time to third parties or used on their behalf for the purposes of direct marketing, and to be expressly offered the right to object free of charge to such disclosures or uses. V. Data Confidentiality and Security Any person acting under the authority of the pilot controller or of the data processor, including the processor himself, who has access to personal data must not process them except on instructions from the controller, unless he is required to do so by law. The controller must implement appropriate technical and organizational measures (e.g. PET technologies) to protect personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing. I N E R T I A E T H I C S M A N U A L P a g e 10

11 Having regard to the state of the art and the cost of their implementation, such measures shall ensure a level of security appropriate to the risks represented by the processing and the nature of the data to be protected. The carrying out of processing by way of a processor must be governed by a contract or legal act binding the processor to the controller and stipulating in particular that: - the processor shall act only on instructions from the controller, - the obligations, as defined by the Governments laws in which the processor is established, shall also be incumbent on the processor. VI. Installation of sensors - Notification All sensors utilized during the pilot should be privacy-preserving and should neither acquire sensitive personal data nor violate personnel s privacy. The controller of the study or his representative, if any, must notify the supervisory authority (INERTIA Ethical HelpDesk) before carrying out any data collection process. The information to be given in the notification shall include at least: - the name and address of the controller and of his representative, if any; - the purpose or purposes of the processing; - a description of the category or categories of data subject and of the data or categories of data relating to them; - the recipients or categories of recipient to whom the data might be disclosed; - proposed transfers of data to third countries; I N E R T I A E T H I C S M A N U A L P a g e 11

12 - a general description allowing a preliminary assessment to be made of the appropriateness of the measures taken to ensure security of processing. All offices/areas that will be monitored and controlled with any type of sensors and equipment should be appropriately marked with Notification Posters, describing in detail equipment used and monitoring procedures taking place towards INERTIA project s objectives. All occupants, whose working offices/areas will be monitored during the pilot, should be thoroughly informed and their oral approval should be requested. Especially, occupants participating in the individual scenarios should sign a consent form before the pilot phase begins. VII. Group-based scenarios Only aggregated information should be extracted per office/area. No individual data should be gathered or analysed. For example, when monitoring an office s occupancy, only data concerning the first arrival and last departure should be collected, not including information on who was actually the first to arrive or the last to depart. In a similar sense, when monitoring air-conditioning settings, these data should not be correlated to specific people working in each office but instead to the office itself. All personnel working in the selected pilot sites should have been notified on the project s objectives, the pilot duration, the test procedures, the sensor infrastructures and the occupancy and user preferences profiles extraction procedures that will take place and have signed the respective consent form before the data acquisition process begins. In case one or more people working in a selected space (e.g. office) refuse to participate in the group-based scenarios, the responsible partner for pilot audits along with the project coordinator will decide on excluding/substituting this office with one with similar characteristics, or consider to proceed to temporary personnel shifting in other offices for the time period the pilot I N E R T I A E T H I C S M A N U A L P a g e 12

13 tests will take place (the duration will be from a couple of weeks to no more than a few months). VIII. Individual scenarios Individuals should be thoroughly informed about the scenarios to be implemented during the pilot tests. Individuals should be informed of the need to carry an RFID card, so that their location within monitored areas can be tracked along with further data about their preferences on office and home appliances used during working hours. They should also be notified about with the respective details of the individual data acquisition process. Individuals should have signed a consent form before the actual pilot realization phase. Individuals should be informed that they can withdraw at any time with no obligations, except the return of any given equipment (e.g. RFID cards). I N E R T I A E T H I C S M A N U A L P a g e 13

Guidelines on Data Protection. Draft. Version 3.1. Published by

Guidelines on Data Protection. Draft. Version 3.1. Published by Guidelines on Data Protection Draft Version 3.1 Published by National Information Technology Development Agency (NITDA) September 2013 Table of Contents Section One... 2 1.1 Preamble... 2 1.2 Authority...

More information

Data Protection. Processing and Transfer of Personal Data in Kvaerner. Binding Corporate Rules Public Document

Data Protection. Processing and Transfer of Personal Data in Kvaerner. Binding Corporate Rules Public Document Data Protection Processing and Transfer of Personal Data in Kvaerner Binding Corporate Rules Public Document 1 of 19 1 / 19 Table of contents 1 Introduction... 4 1.1 Scope... 4 1.2 Definitions... 4 1.2.1

More information

Proposal of regulation Com 2012 11/4 Directive 95/46/EC Conclusion

Proposal of regulation Com 2012 11/4 Directive 95/46/EC Conclusion Page 1 sur 155 Proposal of regulation Com 2012 11/4 Directive 95/46/EC Conclusion Legal nature of the instrument Règlement Directive Directly applicable act in internal law 91 articles 34 articles Art.

More information

Personal Data Act (1998:204);

Personal Data Act (1998:204); Personal Data Act (1998:204); issued 29 April 1998. Be it enacted as follows. General provisions Purpose of this Act Section 1 The purpose of this Act is to protect people against the violation of their

More information

Data protection compliance checklist

Data protection compliance checklist Data protection compliance checklist What is this checklist for? This checklist is drawn up on the basis of analysis of the relevant provisions of European law. Although European law aims at harmonizing

More information

Corporate Policy. Data Protection for Data of Customers & Partners.

Corporate Policy. Data Protection for Data of Customers & Partners. Corporate Policy. Data Protection for Data of Customers & Partners. 02 Preamble Ladies and gentlemen, Dear employees, The electronic processing of virtually all sales procedures, globalization and growing

More information

Code of Conduct. Corporate Data Protection. We make ICT strategies work

Code of Conduct. Corporate Data Protection. We make ICT strategies work Corporate Data Protection Code of Conduct for the Protection of the Individual s Right to Privacy in the Handling of Personal Data within the Deutsche Telekom Group 2010 / 04 We make ICT strategies work

More information

Processor Binding Corporate Rules (BCRs), for intra-group transfers of personal data to non EEA countries

Processor Binding Corporate Rules (BCRs), for intra-group transfers of personal data to non EEA countries Processor Binding Corporate Rules (BCRs), for intra-group transfers of personal data to non EEA countries Sopra HR Software as a Data Processor Sopra HR Software, 2014 / Ref. : 20141120-101114-m 1/32 1.

More information

Policy and Procedure Title: Maintaining Secure Learner Records Policy No: CCTP1001 Version: 1.0

Policy and Procedure Title: Maintaining Secure Learner Records Policy No: CCTP1001 Version: 1.0 PROVIDER NAME: POLICY AREA: College of Computing Technology (CCT) Standard 10: Information Management, Student Information System & Data Protection Policy and Procedure Title: Maintaining Secure Learner

More information

LEGISLATION COMMITTEE OF THE CROATIAN PARLIAMENT

LEGISLATION COMMITTEE OF THE CROATIAN PARLIAMENT LEGISLATION COMMITTEE OF THE CROATIAN PARLIAMENT 2300 Pursuant to its authority from Article 59 of the Rules of Procedure of the Croatian Parliament, the Legislation Committee determined the revised text

More information

Binding Corporate Rules ( BCR ) Summary of Third Party Rights

Binding Corporate Rules ( BCR ) Summary of Third Party Rights Binding Corporate Rules ( BCR ) Summary of Third Party Rights This document contains in its Sections 3 9 all provision of the Binding Corporate Rules (BCR) for Siemens Group Companies and Other Adopting

More information

GENERAL ELECTRIC COMPANY EMPLOYMENT DATA PROTECTION STANDARDS

GENERAL ELECTRIC COMPANY EMPLOYMENT DATA PROTECTION STANDARDS GENERAL ELECTRIC COMPANY EMPLOYMENT DATA PROTECTION STANDARDS December 2005 2 GENERAL ELECTRIC COMPANY EMPLOYMENT DATA PROTECTION STANDARDS I. OBJECTIVE... 1 II. SCOPE... 1 III. APPLICATION OF LOCAL LAWS...

More information

Corporate Guidelines for Subsidiaries (in Third Countries ) *) for the Protection of Personal Data

Corporate Guidelines for Subsidiaries (in Third Countries ) *) for the Protection of Personal Data Corporate Guidelines for Subsidiaries (in Third Countries ) *) for the Protection of Personal Data *) For the purposes of these Corporate Guidelines, Third Countries are all those countries, which do not

More information

on the transfer of personal data from the European Union

on the transfer of personal data from the European Union on the transfer of personal data from the European Union BCRsseptembre 2008.doc 1 TABLE OF CONTENTS I. PRELIMINARY REMARKS 3 II. DEFINITIONS 3 III. DELEGATED DATA PROTECTION MANAGER 4 IV. MICHELIN GROUP

More information

Data Protection Standard

Data Protection Standard Data Protection Standard Processing and Transfer of Personal Data in Aker Solutions (Binding Corporate Rules) Aker Solutions www.akersolutions.com Table of contents 1 Introduction... 3 1.1 Scope... 3 1.2

More information

PRESIDENT S DECISION No. 40. of 27 August 2013. Regarding Data Protection at the European University Institute. (EUI Data Protection Policy)

PRESIDENT S DECISION No. 40. of 27 August 2013. Regarding Data Protection at the European University Institute. (EUI Data Protection Policy) PRESIDENT S DECISION No. 40 of 27 August 2013 Regarding Data Protection at the European University Institute (EUI Data Protection Policy) THE PRESIDENT OF THE EUROPEAN UNIVERSITY INSTITUTE, Having regard

More information

CROATIAN PARLIAMENT 1364

CROATIAN PARLIAMENT 1364 CROATIAN PARLIAMENT 1364 Pursuant to Article 88 of the Constitution of the Republic of Croatia, I hereby pass the DECISION PROMULGATING THE ACT ON PERSONAL DATA PROTECTION I hereby promulgate the Act on

More information

Brussels, 20 July 2010 (Case 2009-0215) 1. Proceedings

Brussels, 20 July 2010 (Case 2009-0215) 1. Proceedings Opinion on a notification for Prior Checking received from the Data Protection Officer of the European Investment Bank (EIB) concerning procedures related to "360 Leadership feedback report" Brussels,

More information

The Romanian Parliament adopts the present law. Chapter I: General Provisions

The Romanian Parliament adopts the present law. Chapter I: General Provisions Law No. 677/2001 on the Protection of Individuals with Regard to the Processing of Personal Data and the Free Movement of Such Data, amended and completed The Romanian Parliament adopts the present law.

More information

Office of the Data Protection Commissioner of The Bahamas. Data Protection (Privacy of Personal Information) Act, 2003. A Guide for Data Controllers

Office of the Data Protection Commissioner of The Bahamas. Data Protection (Privacy of Personal Information) Act, 2003. A Guide for Data Controllers Office of the Data Protection Commissioner of The Bahamas Data Protection (Privacy of Personal Information) Act, 2003 A Guide for Data Controllers 1 Acknowledgement Some of the information contained in

More information

Principles Concerning the Protection of Personal Data in the Workplace: Guidelines for Employee Monitoring *

Principles Concerning the Protection of Personal Data in the Workplace: Guidelines for Employee Monitoring * 1 Unofficial Translation Principles Concerning the Protection of Personal Data in the Workplace: Guidelines for Employee Monitoring * The Office for Personal Data Protection, September 2007 In accordance

More information

The primary responsibility for the data processing lies within the Administration Department, which the FINCOP Unit is part of.

The primary responsibility for the data processing lies within the Administration Department, which the FINCOP Unit is part of. Opinion on a Notification for Prior Checking received from the Data Protection Officer of the European Training Foundation Regarding the Processing Operations to Manage Calls for Tenders Brussels, 22 April

More information

OSRAM BCR Binding Corporate Rules ( BCR ) for OSRAM Group Companies and Adopting Companies for the protection of personal data

OSRAM BCR Binding Corporate Rules ( BCR ) for OSRAM Group Companies and Adopting Companies for the protection of personal data OSRAM BCR Binding Corporate Rules ( BCR ) for OSRAM Group Companies and Adopting Companies for the protection of personal data Terms Adopting company an OSRAM associated company in Germany or overseas

More information

Personal Data Protection LAWS OF MALAYSIA. Act 709 PERSONAL DATA PROTECTION ACT 2010

Personal Data Protection LAWS OF MALAYSIA. Act 709 PERSONAL DATA PROTECTION ACT 2010 1 LAWS OF MALAYSIA Act 709 PERSONAL DATA PROTECTION ACT 2010 2 Laws of Malaysia ACT 709 Date of Royal Assent...... 2 June 2010 Date of publication in the Gazette......... 10 June 2010 Publisher s Copyright

More information

AIRBUS GROUP BINDING CORPORATE RULES

AIRBUS GROUP BINDING CORPORATE RULES 1 AIRBUS GROUP BINDING CORPORATE RULES 2 Introduction The Binding Corporate Rules (hereinafter BCRs ) of the Airbus Group finalize the Airbus Group s provisions on the protection of Personal Data. These

More information

Data Protection Policy.

Data Protection Policy. Data Protection Policy. Data Protection Policy Foreword 2 Foreword Ladies and Gentlemen, In the information age, we offer customers the means to be always connected, even in their cars. This requires data

More information

Align Technology. Data Protection Binding Corporate Rules Controller Policy. 2014 Align Technology, Inc. All rights reserved.

Align Technology. Data Protection Binding Corporate Rules Controller Policy. 2014 Align Technology, Inc. All rights reserved. Align Technology Data Protection Binding Corporate Rules Controller Policy Contents INTRODUCTION 3 PART I: BACKGROUND AND ACTIONS 4 PART II: CONTROLLER OBLIGATIONS 6 PART III: APPENDICES 13 2 P a g e INTRODUCTION

More information

The supplier shall have appropriate policies and procedures in place to ensure compliance with

The supplier shall have appropriate policies and procedures in place to ensure compliance with Supplier Instructions for Processing of Personal Data 1 PURPOSE SOS International has legal and contractual obligations on the matters of data protection and IT security. As a part of these obligations

More information

OBJECTS AND REASONS. (a) the regulation of the collection, keeping, processing, use or dissemination of personal data;

OBJECTS AND REASONS. (a) the regulation of the collection, keeping, processing, use or dissemination of personal data; OBJECTS AND REASONS This Bill would provide for (a) the regulation of the collection, keeping, processing, use or dissemination of personal data; (b) the protection of the privacy of individuals in relation

More information

Linde Integrity Line. Process and Data Protection Policy. 1 July 2007

Linde Integrity Line. Process and Data Protection Policy. 1 July 2007 Linde Integrity Line Process and Data Protection Policy 1 July 2007 Page 2 of 10 Table of Contents Preamble 3 1 Scope of application 3 2 Definitions 3 3 Submitting Reports Regular Channels 3 4 Submitting

More information

Data Protection A Guide for Users

Data Protection A Guide for Users Data Protection A Guide for Users EUROPEAN PARLIAMENT Contents Contents 3 Introduction 4 Data protection standards making a difference in the European Parliament 5 Data protection the actors 6 Data protection

More information

Welcome to our job search and application platform (the Platform ). Please read our Legal Terms (which includes our Privacy Policy) carefully.

Welcome to our job search and application platform (the Platform ). Please read our Legal Terms (which includes our Privacy Policy) carefully. LEGAL TERMS AND PRIVACY POLICY Welcome to our job search and application platform (the Platform ). Please read our Legal Terms (which includes our Privacy Policy) carefully. The Platform is accessible

More information

Data Processing Agreement for Oracle Cloud Services

Data Processing Agreement for Oracle Cloud Services Data Processing Agreement for Oracle Cloud Services Version December 1, 2013 1. Scope and order of precedence This is an agreement concerning the Processing of Personal Data as part of Oracle s Cloud Services

More information

COUNCIL OF EUROPE COMMITTEE OF MINISTERS. RECOMMENDATION No. R (90) 19 OF THE COMMITTEE OF MINISTERS TO MEMBER STATES

COUNCIL OF EUROPE COMMITTEE OF MINISTERS. RECOMMENDATION No. R (90) 19 OF THE COMMITTEE OF MINISTERS TO MEMBER STATES COUNCIL OF EUROPE COMMITTEE OF MINISTERS RECOMMENDATION No. R (90) 19 OF THE COMMITTEE OF MINISTERS TO MEMBER STATES ON THE PROTECTION OF PERSONAL DATA USED FOR PAYMENT AND OTHER RELATED OPERATIONS' (Adopted

More information

7.08.2 Privacy Rules for Customer, Supplier and Business Partner Data. Directive 7.08 Protection of Personal Data

7.08.2 Privacy Rules for Customer, Supplier and Business Partner Data. Directive 7.08 Protection of Personal Data Akzo Nobel N.V. Executive Committee Rules 7.08.2 Privacy Rules for Customer, Supplier and Business Partner Data Source Directive Content Owner Directive 7.08 Protection of Personal Data AkzoNobel Legal

More information

ATMD Bird & Bird. Singapore Personal Data Protection Policy

ATMD Bird & Bird. Singapore Personal Data Protection Policy ATMD Bird & Bird Singapore Personal Data Protection Policy Contents 1. PURPOSE 1 2. SCOPE 1 3. COMMITMENT TO COMPLY WITH DATA PROTECTION LAWS 1 4. PERSONAL DATA PROTECTION SAFEGUARDS 3 5. ATMDBB EXCEPTIONS:

More information

ROEHAMPTON UNIVERSITY DATA PROTECTION POLICY

ROEHAMPTON UNIVERSITY DATA PROTECTION POLICY ROEHAMPTON UNIVERSITY DATA PROTECTION POLICY Originated by: Data Protection Working Group: November 2008 Impact Assessment: (to be confirmed) Recommended by Senate: 28 January 2009 Approved by Council:

More information

The Manitowoc Company, Inc.

The Manitowoc Company, Inc. The Manitowoc Company, Inc. DATA PROTECTION POLICY 11FitzPatrick & Associates 4/5/04 1 Proprietary Material Version 4.0 CONTENTS PART 1 - Policy Statement PART 2 - Processing Personal Data PART 3 - Organisational

More information

GUIDE TO THE ISLE OF MAN DATA PROTECTION ACT. CONTENTS PREFACE 1 1. Background 2 2. Data Protections Principles 3 3. Notification Requirements 4

GUIDE TO THE ISLE OF MAN DATA PROTECTION ACT. CONTENTS PREFACE 1 1. Background 2 2. Data Protections Principles 3 3. Notification Requirements 4 GUIDE TO THE ISLE OF MAN DATA PROTECTION ACT CONTENTS PREFACE 1 1. Background 2 2. Data Protections Principles 3 3. Notification Requirements 4 PREFACE The following provides general guidance on data protection

More information

AMENDMENTS TO THE DRAFT DATA PROTECTION REGULATION PROPOSED BY BITS OF FREEDOM

AMENDMENTS TO THE DRAFT DATA PROTECTION REGULATION PROPOSED BY BITS OF FREEDOM AMENDMENTS TO THE DRAFT DATA PROTECTION REGULATION PROPOSED BY BITS OF FREEDOM On 25 January 2012, the European Commission published a proposal to reform the European data protection legal regime. One

More information

Proposed Credit Data Law, 5776-2015. Chapter A: Objective. Objective

Proposed Credit Data Law, 5776-2015. Chapter A: Objective. Objective The translation is intended solely for the convenience of the reader. This translation has no legal status and although every effort has been made to ensure its accuracy, the Bank of Israel does not assume

More information

4. LIMITATION OF LIABILITY

4. LIMITATION OF LIABILITY LEGAL NOTICE Terms and conditions of use The website icem.it ( Website ) is the exclusive property of ICEM srl, with headquarters in Via Corriera, 40 48010 Barbiano di Cotignola (RA) Italy (hereinafter

More information

Appendix 11 - Swiss Data Protection Act

Appendix 11 - Swiss Data Protection Act GLEIF- LOU Restricted Appendix 11 - Swiss Data Protection Act GLEIF Revision Version: 1.0 2015-09-23 Master Copy page 2 of 11 Applicable Provisions of the Swiss Data Protection Act (DPA) including the

More information

Binding Corporate Rules Privacy (BCRP) personal Telekom Group rights in the handling of personal data within the Deutsche Telekom Group

Binding Corporate Rules Privacy (BCRP) personal Telekom Group rights in the handling of personal data within the Deutsche Telekom Group Binding Corporate Rules Privacy (BCRP) Binding Corporate corporate Rules rules Privacy for (BCRP) the protection of personal Telekom Group rights in the handling of personal data within the Deutsche Telekom

More information

PRIVACY POLICY. Any form of reproduction in whole or in part of the content of this document is prohibited.

PRIVACY POLICY. Any form of reproduction in whole or in part of the content of this document is prohibited. Deck S.r.l. Via Cesareo Console 3 80132 Napoli (NA) P. iva: 04846431213 Cf: 04846431213 Rea 717835 Reg. Imp. di Napoli Cap. Soc. 15.000 PRIVACY POLICY Protecting and defending your privacy is important

More information

Table of contents: ***

Table of contents: *** Table of contents: *** In Europe the issue of personal data protection is settled by European Parliament s and European Council s Directive 95/46/WE of October 24, 1995 (which is basis of Polish regulations)

More information

ON MUTUAL COOPERATION AND THE EXCHANGE OF INFORMATION RELATED TO THE OVERSIGHT OF AUDITORS

ON MUTUAL COOPERATION AND THE EXCHANGE OF INFORMATION RELATED TO THE OVERSIGHT OF AUDITORS Mr. Ryutaro Hatanaka Commissioner Financial Services Agency Government of Japan 3-2-1 Kasumigaseki Chiyoda-ku, Tokyo Japan 100-8967 Dr. Kunio Chiyoda Chairman Certified Public Accountants and Auditing

More information

OVERVIEW. stakeholder engagement mechanisms and WP29 consultation mechanisms respectively.

OVERVIEW. stakeholder engagement mechanisms and WP29 consultation mechanisms respectively. Joint work between experts from the Article 29 Working Party and from APEC Economies, on a referential for requirements for Binding Corporate Rules submitted to national Data Protection Authorities in

More information

Information Governance Policy

Information Governance Policy Information Governance Policy 1 Introduction Healthwatch Rutland (HWR) needs to collect and use certain types of information about the Data Subjects who come into contact with it in order to carry on its

More information

technical factsheet 176

technical factsheet 176 technical factsheet 176 Data Protection CONTENTS 1. Introduction 1 2. Register with the Information Commissioner s Office 1 3. Period protection rights and duties remain effective 2 4. The data protection

More information

AlixPartners, LLP. General Data Protection Statement

AlixPartners, LLP. General Data Protection Statement AlixPartners, LLP General Data Protection Statement GENERAL DATA PROTECTION STATEMENT 1. INTRODUCTION 1.1 AlixPartners, LLP ( AlixPartners ) is committed to fulfilling its obligations under the data protection

More information

Addendum Windows Azure Data Processing Agreement Amendment ID M129

<Choose> Addendum Windows Azure Data Processing Agreement Amendment ID M129 Addendum Amendment ID Proposal ID Enrollment number Microsoft to complete This addendum ( Windows Azure Addendum ) is entered into between the parties identified on the signature form for the

More information

FEDERATION OF EUROPEAN DIRECT MARKETING EUROPEAN CODE OF PRACTICE FOR THE USE OF PERSONAL DATA IN DIRECT MARKETING

FEDERATION OF EUROPEAN DIRECT MARKETING EUROPEAN CODE OF PRACTICE FOR THE USE OF PERSONAL DATA IN DIRECT MARKETING EXPLANATORY MEMORANDUM FEDERATION OF EUROPEAN DIRECT MARKETING EUROPEAN CODE OF PRACTICE FOR THE USE OF PERSONAL DATA IN DIRECT MARKETING FEDMA represents the direct marketing sector at the European level.

More information

UNIVERSITY OF SOUTHAMPTON DATA PROTECTION POLICY

UNIVERSITY OF SOUTHAMPTON DATA PROTECTION POLICY UNIVERSITY OF SOUTHAMPTON DATA PROTECTION POLICY 1. Purpose 1.1 The Data Protection Act 1998 ( the Act ) has two principal purposes: i) to regulate the use by those (known as data controllers) who obtain,

More information

singapore american school

singapore american school Background The Singapore Personal Data Protection Act - 2012 (PDPA) establishes a data protection law that comprises various rules governing the collection, use, disclosure, and care of personal data.

More information

Privacy Policy. February, 2015 Page: 1

Privacy Policy. February, 2015 Page: 1 February, 2015 Page: 1 Revision History Revision # Date Author Sections Altered Approval/Date Rev 1.0 02/15/15 Ben Price New Document Rev 1.1 07/24/15 Ben Price Verify Privacy Grid Requirements are met

More information

Protection. Code of Practice. of Personal Data RPC001147_EN_WB_L_1

Protection. Code of Practice. of Personal Data RPC001147_EN_WB_L_1 Protection of Personal Data RPC001147_EN_WB_L_1 Table of Contents Data Protection Rules Foreword From the Data Protection Commissioner Introduction From the Chairman Data Protection Responsibility of Employees

More information

PROTECTION OF PERSONAL INFORMATION

PROTECTION OF PERSONAL INFORMATION PROTECTION OF PERSONAL INFORMATION Definitions Privacy Officer - The person within the Goderich Community Credit Union Limited (GCCU) who is responsible for ensuring compliance with privacy obligations,

More information

Protection. Code of Practice. of Personal Data RPC001147_EN_D_19

Protection. Code of Practice. of Personal Data RPC001147_EN_D_19 Protection of Personal Data RPC001147_EN_D_19 Table of Contents Data Protection Rules Foreword From the Data Protection Commissioner Introduction From the Chairman Data Protection Rules Responsibility

More information

CCBE RECOMMENDATIONS FOR THE IMPLEMENTATION OF THE DATA RETENTION DIRECTIVE

CCBE RECOMMENDATIONS FOR THE IMPLEMENTATION OF THE DATA RETENTION DIRECTIVE Représentant les avocats d Europe Representing Europe s lawyers CCBE RECOMMENDATIONS FOR THE IMPLEMENTATION OF THE DATA RETENTION DIRECTIVE CCBE RECOMMENDATIONS FOR THE IMPLEMENTATION OF THE DATA RETENTION

More information

ANNEX 1. LAW ON PERSONAL DATA PROTECTION

ANNEX 1. LAW ON PERSONAL DATA PROTECTION ANNEX 1. LAW ON PERSONAL DATA PROTECTION UNOFFICIAL TRANSLATION 1 PARLIAMENT OF THE REPUBLIC OF MACEDONIA Pursuant to Article 75, Paragraphs 1 and 2 of the Constitution of the Republic of Macedonia, the

More information

DIFC LAW NO. 1 OF 2007

DIFC LAW NO. 1 OF 2007 DATA PROTECTION LAW DIFC LAW NO. 1 OF 2007 Consolidated Version (December 2012) Amended by Data Protection Law Amendment Law DIFC Law No. 5 of 2012 CONTENTS PART 1: GENERAL... 4 1. Title... 4 2. Legislative

More information

Data Processing Agreement for Oracle Cloud Services

Data Processing Agreement for Oracle Cloud Services Data Processing Agreement for Oracle Cloud Services Version November 3, 2015 1. Scope and order of precedence This agreement (the Data Processing Agreement ) applies to Oracle s Processing of Personal

More information

on Electronic Signature and change to some other laws (Electronic Signature Act) The Parliament has hereby agreed on this Act of the Czech Republic:

on Electronic Signature and change to some other laws (Electronic Signature Act) The Parliament has hereby agreed on this Act of the Czech Republic: 227/2000 Coll. ACT of 29 th June 2000 on Electronic Signature and change to some other laws (Electronic Signature Act) Amendment: 226/2002 Coll. Amendment: 517/2002 Coll. Amendment :440/2004 Coll. Amendment:

More information

DATA PROTECTION GUIDELINES

DATA PROTECTION GUIDELINES Data Protection Commissioner DATA PROTECTION GUIDELINES GUIDELINES FOR THE PROMOTION OF GOOD PRACTICE INSURANCE BUSINESS SECTOR February 2006 These guidelines have been jointly developed by a working group

More information

Data Protection Act a more detailed guide

Data Protection Act a more detailed guide Data Protection Act a more detailed guide What does the Act do? The Data Protection Act 1998 places considerable duties on organisations which process personal data; increases the rights of access by data

More information

COMMISSION STAFF WORKING DOCUMENT. on the existing EU legal framework applicable to lifestyle and wellbeing apps. Accompanying the document

COMMISSION STAFF WORKING DOCUMENT. on the existing EU legal framework applicable to lifestyle and wellbeing apps. Accompanying the document EUROPEAN COMMISSION Brussels, 10.4.2014 SWD(2014) 135 final COMMISSION STAFF WORKING DOCUMENT on the existing EU legal framework applicable to lifestyle and wellbeing apps Accompanying the document GREEN

More information

LAW FOR PROTECTION OF PERSONAL DATA

LAW FOR PROTECTION OF PERSONAL DATA LAW FOR PROTECTION OF PERSONAL DATA Prom. SG. 1/4 Jan 2002, amend. SG. 70/10 Aug 2004, amend. SG. 93/19 Oct 2004, amend. SG. 43/20 May 2005, amend. SG. 103/23 Dec 2005, amend. SG. 30/11 Apr 2006, amend.

More information

DATA PROTECTION POLICY

DATA PROTECTION POLICY Reference number Approved by Information Management and Technology Board Date approved 14 th May 2012 Version 1.1 Last revised N/A Review date May 2015 Category Information Assurance Owner Data Protection

More information

FEDERATION OF EUROPEAN DIRECT MARKETING EUROPEAN CODE OF PRACTICE FOR THE USE OF PERSONAL DATA IN DIRECT MARKETING

FEDERATION OF EUROPEAN DIRECT MARKETING EUROPEAN CODE OF PRACTICE FOR THE USE OF PERSONAL DATA IN DIRECT MARKETING EXPLANATORY MEMORANDUM FEDERATION OF EUROPEAN DIRECT MARKETING EUROPEAN CODE OF PRACTICE FOR THE USE OF PERSONAL DATA IN DIRECT MARKETING FEDMA represents the direct marketing sector at the European level.

More information

Data Protection Policy

Data Protection Policy 1 Data Protection Policy Version 1: June 2014 1 2 Contents 1. Introduction 3 2. Policy Statement 3 3. Purpose of the Data Protection Act 1998 3 4. The principles of the Data Protection Act 1998 4 5 The

More information

Privacy Rules for Customer, Supplier and Business Partner Data

Privacy Rules for Customer, Supplier and Business Partner Data Privacy Rules for Customer, Supplier and Business Partner Data Contact details Philips Privacy Office c/o Philips International BV, Amstelplein 2, 1096 BC, the Netherlands. E-mail: Philips_Privacy_Office@philips.com

More information

Act on the Protection of Privacy in Working Life (759/2004)

Act on the Protection of Privacy in Working Life (759/2004) NB: Unofficial translation Ministry of Labour, Finland Chapter 1 - General provisions Section 1 Purpose of the act Act on the Protection of Privacy in Working Life (759/2004) The purpose of this Act is

More information

Office 365 Data Processing Agreement with Model Clauses

Office 365 Data Processing Agreement with Model Clauses Enrollment for Education Solutions Office 365 Data Processing Agreement (with EU Standard Contractual Clauses) Amendment ID Enrollment for Education Solutions number Microsoft to complete 7392924 GOLDS03081

More information

Credit Union Board of Directors Introduction, Resolution and Code for the Protection of Personal Information

Credit Union Board of Directors Introduction, Resolution and Code for the Protection of Personal Information Credit Union Board of Directors Introduction, Resolution and Code for the Protection of Personal Information INTRODUCTION Privacy legislation establishes legal privacy rights for individuals and sets enforceable

More information

ECSA EuroCloud Star Audit Data Privacy Audit Guide

ECSA EuroCloud Star Audit Data Privacy Audit Guide ECSA EuroCloud Star Audit Data Privacy Audit Guide Page 1 of 15 Table of contents Introduction... 3 ECSA Data Privacy Rules... 4 Governing Law... 6 Sub processing... 6 A. TOMs: Cloud Service... 7 TOMs:

More information

Factsheet on the Right to be

Factsheet on the Right to be 101010 100101 1010 101 Factsheet on the Right to be 100 Forgotten ruling (C-131/12) 101 101 1) What is the case about and what did 100 the Court rule? 10 In 2010 a Spanish citizen lodged a complaint against

More information

Data Protection Acts 1988 and 2003: Informal Consolidation

Data Protection Acts 1988 and 2003: Informal Consolidation Page 1 of 55 Data Protection Acts 1988 and 2003: Informal Consolidation IMPORTANT NOTICE This document is an informal consolidation of the Data Protection Acts 1988 and 2003, prepared by the Office of

More information

Employees monitoring of information and communication technologies private usage Guidelines updated in Portugal

Employees monitoring of information and communication technologies private usage Guidelines updated in Portugal COELHO RIBEIRO E ASSOCIADOS SOCIEDADE CIVIL DE ADVOGADOS Employees monitoring of information and communication technologies private usage Guidelines updated in Portugal CRA Coelho Ribeiro e Associados,

More information

California State University, Sacramento INFORMATION SECURITY PROGRAM

California State University, Sacramento INFORMATION SECURITY PROGRAM California State University, Sacramento INFORMATION SECURITY PROGRAM 1 I. Preamble... 3 II. Scope... 3 III. Definitions... 4 IV. Roles and Responsibilities... 5 A. Vice President for Academic Affairs...

More information

Last updated: 30 May 2016. Credit Suisse Privacy Policy

Last updated: 30 May 2016. Credit Suisse Privacy Policy Last updated: 30 May 2016 Credit Suisse Please read this privacy policy (the ) as it describes how we intend to collect, use, store, share, and safeguard your information. By accessing, visiting or using

More information

STATUTORY INSTRUMENTS. S.I. No. 336 of 2011

STATUTORY INSTRUMENTS. S.I. No. 336 of 2011 STATUTORY INSTRUMENTS. S.I. No. 336 of 2011 EUROPEAN COMMUNITIES (ELECTRONIC COMMUNICATIONS NETWORKS AND SERVICES) (PRIVACY AND ELECTRONIC COMMUNICATIONS) REGULATIONS 2011 (Prn. A11/1165) 2 [336] S.I.

More information

FIRST DATA CORPORATION PROCESSOR DATA PROTECTION STANDARDS

FIRST DATA CORPORATION PROCESSOR DATA PROTECTION STANDARDS FIRST DATA CORPORATION PROCESSOR DATA PROTECTION STANDARDS As a world leader in electronic commerce and payment services, First Data Corporation and its subsidiaries ( First Data entity or entities ),

More information

CCBE RESPONSE REGARDING THE EUROPEAN COMMISSION PUBLIC CONSULTATION ON CLOUD COMPUTING

CCBE RESPONSE REGARDING THE EUROPEAN COMMISSION PUBLIC CONSULTATION ON CLOUD COMPUTING CCBE RESPONSE REGARDING THE EUROPEAN COMMISSION PUBLIC CONSULTATION ON CLOUD COMPUTING CCBE response regarding the European Commission Public Consultation on Cloud Computing The Council of Bars and Law

More information

PRIVACY AND DATA SECURITY MODULE

PRIVACY AND DATA SECURITY MODULE "This project has been funded under the fourth AAL call, AAL-2011-4. This publication [communication] reflects the views only of the author, and the Commission cannot be held responsible for any use which

More information

Personal information, for purposes of this Policy, includes any information which relates to an identified or an identifiable person.

Personal information, for purposes of this Policy, includes any information which relates to an identified or an identifiable person. PART I: INTRODUCTION AND BACKGROUND Purpose This Data Protection Binding Corporate Rules Policy ( Policy ) establishes the approach of Fluor to compliance with European data protection law and specifically

More information

Dublin City University

Dublin City University Dublin City University Data Protection Policy Data Protection Policy Contents Purpose... 1 Scope... 1 Data Protection Principles... 1 Disclosure of Personal Data... 2 Summary of Responsibilities... 3 Rights

More information

Data Protection Consent Clause and Policy Background

Data Protection Consent Clause and Policy Background Data Protection Consent Clause and Policy Background The Singapore Personal Data Protection Act - 2012 (PDPA) establishes a data protection law that comprises various rules governing the collection, use,

More information

Recommendations for companies planning to use Cloud computing services

Recommendations for companies planning to use Cloud computing services Recommendations for companies planning to use Cloud computing services From a legal standpoint, CNIL finds that Cloud computing raises a number of difficulties with regard to compliance with the legislation

More information

COLLINS CONSULTING, Inc.

COLLINS CONSULTING, Inc. COLLINS CONSULTING, Inc. TECHNOLOGY PLATFORM USE POLICY 53-R1 COLLINS CONSULTING, INC. TECHNOLOGY PLATFORM USE POLICY Confidential Collins Consulting, Inc. maintains, as part of its technology platform,

More information

SAFE HARBOR PRIVACY NOTICE EFFECTIVE: July 1, 2005 AMENDED: July 15, 2014

SAFE HARBOR PRIVACY NOTICE EFFECTIVE: July 1, 2005 AMENDED: July 15, 2014 SAFE HARBOR PRIVACY NOTICE EFFECTIVE: July 1, 2005 AMENDED: July 15, 2014 This Notice sets forth the principles followed by United Technologies Corporation and its operating companies, subsidiaries, divisions

More information

DATA PROTECTION IN DIRECT MARKETING

DATA PROTECTION IN DIRECT MARKETING Document 1.1.2-1 DATA PROTECTION IN DIRECT MARKETING analysis of the legislation in direct marketing Component 1 Activity 1.1.2 Final version The content of this report is the sole responsibility of Human

More information

MRS Guidelines for Business-to-Business Research. October 2011

MRS Guidelines for Business-to-Business Research. October 2011 MRS Guidelines for Business-to-Business Research October 2011 Updated September 2014 MRS is the world s largest association for people and organisations that provide or use market, social and opinion research,

More information

Merthyr Tydfil County Borough Council. Data Protection Policy

Merthyr Tydfil County Borough Council. Data Protection Policy Merthyr Tydfil County Borough Council Data Protection Policy 2014 Cyfarthfa High School is a Rights Respecting School, we recognise the importance of ensuring that the United Nations Convention of the

More information

PRACTICAL LAW DATA PROTECTION MULTI-JURISDICTIONAL GUIDE 2012/13. The law and leading lawyers worldwide

PRACTICAL LAW DATA PROTECTION MULTI-JURISDICTIONAL GUIDE 2012/13. The law and leading lawyers worldwide PRACTICAL LAW MULTI-JURISDICTIONAL GUIDE 2012/13 The law and leading lawyers worldwide Essential legal questions answered in 30 key jurisdictions Analysis of critical legal issues AVAILABLE ONLINE AT WWW.PRACTICALLAW.COM/DATAPROTECTION-MJG

More information

Article 29 Working Party Issues Opinion on Cloud Computing

Article 29 Working Party Issues Opinion on Cloud Computing Client Alert Global Regulatory Enforcement If you have questions or would like additional information on the material covered in this Alert, please contact one of the authors: Cynthia O Donoghue Partner,

More information

HERTSMERE BOROUGH COUNCIL

HERTSMERE BOROUGH COUNCIL HERTSMERE BOROUGH COUNCIL DATA PROTECTION POLICY October 2007 1 1. Introduction Hertsmere Borough Council ( the Council ) is fully committed to compliance with the requirements of the Data Protection Act

More information

University of Liverpool Online Programmes - Privacy Policy for Visitors and Students

University of Liverpool Online Programmes - Privacy Policy for Visitors and Students University of Liverpool Online Programmes - Privacy Policy for Visitors and Students PLEASE NOTE: The following privacy terms relate to the University of Liverpool s online programmes and not The University

More information

INTERNATIONAL SOS. Data Protection Policy. Version 1.05

INTERNATIONAL SOS. Data Protection Policy. Version 1.05 INTERNATIONAL SOS Data Protection Policy Document Owner: LCIS Division Document Manager: Group General Counsel Effective: December 2008 Revised: 2015 All copyright in these materials are reserved to AEA

More information

UNIVERSITY OF ABERDEEN POLICY ON DATA PROTECTION

UNIVERSITY OF ABERDEEN POLICY ON DATA PROTECTION UNIVERSITY OF ABERDEEN POLICY ON DATA PROTECTION The Data Protection Act 1998 (DPA) was passed in order to implement the EU Data Protection Directive (95/46/EC) and applies to all data relating to, and

More information